General
-
Target
PRODUCT LIST AND REQUIREMENTS.cmd
-
Size
1.9MB
-
Sample
220207-rx15ysdagm
-
MD5
e2f1babb1a1eef2ae65c6ea38d6a0549
-
SHA1
c8e7d6f27afd909570408078d3322368d5e48a9f
-
SHA256
5202d7287ca941b6d0951dd9fa84d721492fc30116bf90349a792ed22a06d7e6
-
SHA512
2af1070cefa4e92896a1c5d6a33992a5d3b0e947fc06ec40a76040aba0951a85a227515e2e20508a7fc9facf180232714cb09750944c7c320ec54bea2bf19a69
Static task
static1
Behavioral task
behavioral1
Sample
PRODUCT LIST AND REQUIREMENTS.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
PRODUCT LIST AND REQUIREMENTS.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
matiex
Protocol: smtp
Host: collectionsolutionslimited.com
Port: 587
Username: [email protected]
Password: destination1950
Email To: [email protected]
Targets
-
-
Target
PRODUCT LIST AND REQUIREMENTS.cmd
-
Score
10/10
-
Matiex Main Payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-